trust in healthcareTrust for businesses, especially, healthcare could be the difference maker between success and failure. Have you seen the report about consumer online digital trust and what it means to all businesses? The report,  The Global State of Online Digital Trust  A Frost & Sullivan White Paper, was commissioned by ca technologies and published in July 2018.  This survey study was done to compare perceptions about consumer trusts that executives and security professionals have vs the actual consumer trust findings when surveying consumers.  Would you believe there is a disconnect across the three perceptions?

HIPAA For MSPs by David Sims How Much Does Trust Matter In Healthcare?
00:00:00 00:00:00

Every one certainly believes that protecting personal information is vitally important.  This study found that:

78% of consumers responded that it is very important or crucial that their PII be protected online. Virtually no respondents indicate that protecting PII is not important. Furthermore, 86% indicate that a high level of data protection is a priority when choosing online services.

This study isn’t just about healthcare PHI but also about all personally identifiable information (PII).  When we say that healthcare data is the most valuable of the personal data it doesn’t mean the rest of the personal data is worthless.  It, too, is very valuable.  That is where trust comes into the conversation.

Consumer trust around digital data protection is flagging.

While organizations believe they’re doing a good job of protecting consumer data, the statistics don’t bear it out. The good news is that a consensus is forming among organizations that investing in technology to protect consumer data is critical.

One graphic that really caught my eye was the responses to whether security should take precedence over convenience.  We can probably explain these numbers.  Consumers asked the question had an impressive 86% say security over convenience.  Of course, we know what people say in a survey varies widely from what actually happens in real life.  Just making people use a password and not share it sends some folks over the edge.  They would still say security was more important than convenience until they are the ones being inconvenienced.

pasted image 0

Executive’s opinions were much different than their consumers.  59% said security first.  Having dealt with making sure people can access what they want without being inconvenienced makes me think that number is actually high.  But, definitely much lower than consumers.

Finally, security pros had on 52% saying security beats convenience.  I am probably speculating here but those folks are the ones that take the brunt of the complaints when security is implemented.  They know very well what happens when the other two groups have to deal with inconveniences.  They are also the ones that know how important security really should be in an organization.  Is it that they have been beaten down, the way the question was presented, or something completely different?  Still, that is a big difference between the three perspectives.  It clearly indicates a disconnect.

When they asked companies and consumers the same kinds of questions about whether consumers trust companies you can really see the divide.  Organizations believe they are probably scoring around a 75% for trust with their consumers.  Consumers say, nope, not really.  61% say they trust organizations.  A whopping 14% variation in perceptions.

Loss of trust is damaging

Here is the big ticket number.  They reviewed what it means when you lose that trust.  How does it impact a business?  Oh, and they broke it down by industry.  Want to guess who suffered the most?  Yep, healthcare.

Healthcare organizations are by far the most likely to report strong negative impacts on consumer trust and their bottom line as the result of a data breach.

pasted image 0 1

The report even goes so far as to say it is “not surprising that healthcare organizations suffer greatly” after a breach.  Wow, no one is surprised about that yet discussions about preparations and more protections often fall on deaf ears until after the breach has occurred.

Remember, these numbers are based on the ones who have actually reported a breach.  I am certain some of these groups have things they have been able to wiggle around reporting that may not be so clean of a wiggle.  In healthcare, 86% admitted to a STRONG impact on consumer trust and 83% said a data breach resulted in a strong impact on the bottom line.  So, that isn’t so surprising to us but it isn’t to others either.

The next observation the report provided, though, was really what healthcare organizations should notice in relation to the strong impact rating.  Financial services reported strong impacts on trust (31%) and bottom line (29%).  That is a huge difference than healthcare’s scary numbers.  Even more telling though was why they believe this to be the case.

Financial services firms may have higher immunity to the negative impacts of data breaches because of their swift reactions to incidents, including the cancellation and reissue of credit cards, forced password resets, proactive fraud prevention departments, and security awareness campaigns directed towards customers.

Basically, financial services firms are prepared for it to happen and take immediate action when it does happen.  Yes, that is an investment but it certainly looks like it is working.  I can’t imagine any other reason those numbers could be so widely different.

The report does go on to point out that 48% of consumers take issue and many change services after a data breach.

Moreover, when personal data is exfiltrated in a data breach, half (48%) of consumers also view the incident as a breach of their trust and stop using the online service that lost control of their data.

The report goes on to discuss selling PII and that also was surprising.  According to this survey, 80% of healthcare business executives say their terms of service allow them to share or sell your information.  Another 74% say they are actually doing it.  Not sure where that disconnect sits.  Most admit that the consumers have no idea what is in the terms and conditions that people agree to every day.  That gets us into them selling it back to insurance companies who may then use that information to set your premiums or deny you coverage.

If you haven’t evaluated the impact of a data breach on your business it is time to get educated and make some informed decisions.  As we continue to hear about data breaches in the news regularly consumers are paying attention.  Consumers get the letters letting them know this is happening.  This study provides some eye-opening statistics on how much those notifications are impacting your client’s or patient’s attitude towards your trustworthiness.